@sunnyc7
sunnyc7 / Get-InstalledProducts.ps1
Created January 31, 2014 15:22
Get Installed Products using MOF files. Entry for Scripting games
#Get MOF File Method
$mof = @'
#PRAGMA AUTORECOVER
[dynamic, provider("RegProv"),
ProviderClsid("{fe9af5c0-d3b6-11ce-a5b6-00aa00680c3f}"),ClassContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall")]
class SG_InstalledProducts {
[key] string KeyName;
[read, propertycontext("DisplayName")] string DisplayName;
[read, propertycontext("DisplayVersion")] string DisplayVersion;
@sunnyc7
sunnyc7 / Get-DefinitionAndHelp.ps1
Created February 5, 2014 19:49
Find all references to Steppable Pipeline in Powershell help file and definitions.
#1 YMMV:
#2 Depends on the number of modules loaded in your session.
$allfunc = Get-Command | where {$_.CommandType -EQ "Function" -or $_.CommandType -eq "CmdLet"} | select -ExpandProperty Name
foreach ($cmd in $allfunc) {
(Get-Command $cmd).Definition | Out-File -Encoding ascii C:\scripts\$cmd-definition.txt
Get-help $cmd -Full| Out-File -Encoding ascii C:\scripts\$cmd-help.txt
}
Get-Content C:\scripts\*.txt | where {$_ -like "*Steppable*"} | select *
@sunnyc7
sunnyc7 / CodeLikeABoss
Last active August 29, 2015 13:56
They code powershell like a BOSS
Lee Holmes http://www.leeholmes.com/blog/
Oisin G http://www.nivot.org/
Jaykul http://huddledmasses.org/
Vadim Podams http://sysadmins.lv/
Roman Kuzmin http://nightroman.wordpress.com/
Matt Graeber http://www.exploit-monday.com/
Joe Bialek http://clymb3r.wordpress.com/
Glenn Sizemore https://twitter.com/glnsize
Bartek Bielawski http://becomelotr.wordpress.com/
Jim Christopher http://www.beefycode.com/default.aspx
@sunnyc7
sunnyc7 / Get-RipeMDHash.ps1
Created February 28, 2014 16:48
Powershell RipeMD hashing implementation.
Function Get-RipeMDHash {
[cmdletbinding()]
Param(
[Parameter(Mandatory = $True)]
[ValidateScript({Test-Path $_ })]
$file
)
Process {
$reader = [System.IO.File]::OpenText($file)
$RIPEMD160 = [System.Security.Cryptography.RIPEMD160]::Create()
@sunnyc7
sunnyc7 / ripemd-blog.md
Last active August 29, 2015 13:56
Ripe MD Implementation in Powershell.

RIPEMD160 hashing in Powershell.

RipeMD supports the avalanche effect, where a small change in the original input results in a significant change in the hash. Also a zero-length string has a hash. (But it was difficult for me to implement a zero-bytes input, around the Get-Bytes class.)

The MSDN page suggests that RIPEMD160 class is supported in .Net 2.0 Framework.

@sunnyc7
sunnyc7 / roger-params.ps1
Created February 28, 2014 19:55
Pass by Value, Pass by reference.
$s = New-PSSession -ComputerName servermaame
#I am using PID 0,4, assigned to System and Idle for testing, as they are always available.
$pid1 = 4
$processId = 0
# CASE: Remote session variable, but no argument list to pass.
# This won't work, because there is no argument list assignment to pass to the scriptblock
Invoke-Command -Session $s -Script { param($processId) Get-Process -Id $processId }

Immediate Thoughts:

  • I like it. This is as close as it gets to feature complete for documenting current Exchange-ORG configs. This should be run as a batch job every morning, and monitored.
  • I would like to output Hostname.clixml, instead of GUID.clixml, so that I can look for a server config. It's a little hard to remember the starting GUID keys for your servernames.
  • I want to control what gets output, and what data I am monitoring. For example, runspace session info is present in CLIXML.

I am coming from this perspective:

The objective of documenting Exchange-ORG configs is:

@sunnyc7
sunnyc7 / get-continiouscounterpoll.ps1
Last active August 29, 2015 13:57
Get-Continuous counter polling without the messy counter path handling.
# Author: Sunny Chakraborty. 2014 (@sunnyc7)
# BasedOn: Matt Graeber's beautiful work with Powershell Lambda functions.
# Powershell Magazine Source: http://www.powershellmagazine.com/2013/12/23/simplifying-data-manipulation-in-powershell-with-lambda-functions/
# Code: get-continiouscounterpoll.ps1
# Source: https://gist.github.com/9579625
<#
You can copy list of counters in counter-paths.txt.
Please avoid using * based counter paths. Instead use (_total)
@sunnyc7
sunnyc7 / Get-EventedLogin.ps1
Created March 19, 2014 18:57
Monitor Logon Events when they occur, not by doing a > get-winevent -logname Security -eventid 4624
Function Get-EventedLogin {
param (
[int]$eventid
)
#WQL on InstanceCreationEvent
$query = "Select * FROM __InstanceCreationEvent WITHIN 10 WHERE TargetInstance ISA 'Win32_NTLogEvent' AND TargetInstance.LogFile='Security' AND TargetInstance.EventCode='$eventid'"
#WMI Evented Log Monitor
$registerAnEvent = Register-WmiEvent <#-ComputerName $computer#> -Query $query -SourceIdentifier MonitorEvent -Action{
@sunnyc7
sunnyc7 / Sneakers.md
Last active August 29, 2015 13:57
Sneakers soundbites.

Sneakers Soundbites.

  • It will be a breakthrough of Gaussian proportions.

  • The numbers are so big, that all the computers in the world are not able to break them down.

  • (Marty looking through a video camera at Dr. Janek) This is good. He is going to type in his password and we are going to get a clear shot. Here we go... Now we are going to get our password. Maybe there is a frame or two where she doesn't block it. (Watching Dr. Janek typing his password)